best way to ensure './' is at beginning of sys.path?
Michael Torrie
torriem at gmail.com
Sun Feb 5 00:22:18 EST 2017
On 02/04/2017 12:20 PM, Lew Pitcher wrote:
> It doesn't take root access to write a file to /tmp
> In fact, /tmp is specifically set up to allow /any/ user to create /any/ file
> or directory in it.
>
> Witness:
> <snip>
>
> guest at bitsie:~$ chmod a+x /tmp/dothis
>
> Hey! I've even made the file executable
If I'm not mistaken I used to make /tmp a different partition when I
managed uni lab computers and I would mount it as noexec. I also made
sure that removable media was always mounted as noexec. The main reason
for the latter was that ownership and permissions bits were blindly
honored on mounted file systems and there's no way we would allow
someone to bring a setuid command into our lab computers through a
floppy, cd, or usb stick (heck it was probably zip drives back then).
More information about the Python-list
mailing list